<?php
# Base bootstrap. $db_vars, $db_slave_vars, BENCHMARK and the _CONST_* constants are not
# defined in this file; presumably _path.php (or something it loads) provides them — confirm.
include_once('_path.php');

# Optional request timing: the Benchmark_Timer is loaded and started only when BENCHMARK is truthy.
if (BENCHMARK) {
	require_once(_CONST_LOCAL_INCLUDE_PATH.'/Benchmark/Timer.php');
	$timer = new Benchmark_Timer();
	$timer->start();
}

# Database: primary connection built from $db_vars.
include_once(_CONST_LOCAL_INCLUDE_PATH."database.class.php");
$database = new Database($db_vars);

# Replica connection: used only when a slave hostname is configured; otherwise $slave is a
# reference alias of the primary handle, so both names point at the same Database object.
if ($db_slave_vars['hostname'] != '') {
	$slave = new Database($db_slave_vars);
} else {
	$slave =& $database;
}

# Common helper functions (presumably where verify_field(), string_sql(), iif() and
# show_error() used below are defined — confirm).
include_once(_CONST_LOCAL_INCLUDE_PATH."common.php");

# Weibo OAuth client library.
# NOTE(review): some includes prepend '/' to _CONST_LOCAL_INCLUDE_PATH and others do not;
# depending on whether the constant ends in a separator, one form produces a doubled or a
# missing slash — confirm against the constant's definition.
include_once(_CONST_LOCAL_INCLUDE_PATH."/weibo/saetv2.ex.class.php");
# Taobao open-platform client library.
include_once(_CONST_LOCAL_INCLUDE_PATH."/taobao/taobao.class.php");

if (BENCHMARK) $timer->setMarker('init');

# User/session information. The code below reads and writes $_SESSION, so this include is
# presumably what starts the session — confirm.
include_once(_CONST_LOCAL_INCLUDE_PATH."session.include.php");

if (BENCHMARK) $timer->setMarker('auth');

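# ---- Login form handling ----
# Request fields are read defensively: a missing field or a non-string value (e.g. token[]=x)
# becomes null instead of raising a notice or being handed to trim()/string comparison.
$token = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : null;
$act = (isset($_POST['act']) && is_string($_POST['act'])) ? $_POST['act'] : null;
# $username only pre-fills the form further down. It is raw request data (GET, POST or cookie,
# depending on request_order) and must be HTML-escaped wherever it is printed.
$username = (isset($_REQUEST['username']) && is_string($_REQUEST['username'])) ? $_REQUEST['username'] : null;

if ($act === 'login') {
	# Anti-CSRF check: the posted token must equal the one stored in the session when the form
	# was rendered. The comparison is string-typed and constant-time where available; a loose
	# `==` would treat two different "0e<digits>" hex strings as equal numbers.
	$session_token = (isset($_SESSION['token']) && is_string($_SESSION['token'])) ? $_SESSION['token'] : '';
	$token_ok = !empty($token) && $session_token !== ''
		&& (function_exists('hash_equals') ? hash_equals($session_token, $token) : $token === $session_token);

	if ($token_ok) {
		$name = (isset($_POST['username']) && is_string($_POST['username'])) ? trim($_POST['username']) : '';
		$pwd = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';

		# Server-side required-field checks; presumably these fill $error_strs on failure — confirm.
		verify_field("username", "用户名", "empty");
		verify_field("password", "密码", "empty");

		# empty() also covers an unset/null $error_strs, where count() warns or throws on newer PHP.
		if (empty($error_strs)) {
			# NOTE(review): the query is assembled by concatenation and relies entirely on
			# string_sql() to quote and escape its argument — confirm that helper, or move to
			# bound parameters if Database supports them.
			# NOTE(security): passwords are matched as unsalted MD5. This cannot be changed here
			# without migrating the stored hashes; plan a move to password_hash()/password_verify()
			# with rehash-on-login.
			$rs = $database->queryFirst(
				"SELECT id, name FROM user WHERE (name = "
				.string_sql($name)." OR email = "
				.string_sql($name).") AND pwd ="
				.string_sql(md5($pwd)). " AND status = 0"
			);
			if (!empty($rs['id'])) {
				# Issue a new session id on privilege change so an id fixed before login cannot
				# be reused afterwards (assumes the session was started by session.include.php).
				session_regenerate_id(true);
				$_SESSION['userid'] = $rs['id'];
				$_SESSION['name'] = $rs['name'];
				header("Location:" . _CONST_WEB_URL . 'index.php');
				# Stop here: without this the script kept running and rendered the login page
				# behind the redirect.
				exit;
			} else {
				# Same message for unknown user and wrong password, so the response does not
				# reveal which accounts exist.
				$error_strs['username'] = "用户名或密码错误!";
			}
		}
	}
}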

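# Second init step: issue a fresh anti-CSRF token for the form rendered below and remember it
# in the session. md5(uniqid().time()) is derived from the clock alone and is guessable, so the
# token is taken from a CSPRNG instead; 16 random bytes hex-encoded keep the 32-hex-char format.
if (function_exists('random_bytes')) {
	$token = bin2hex(random_bytes(16));
} elseif (function_exists('openssl_random_pseudo_bytes')) {
	$token = bin2hex(openssl_random_pseudo_bytes(16));
} else {
	# Last-resort fallback for runtimes with neither source; weaker than the branches above.
	$token = md5(uniqid(mt_rand(), true).time());
}
$_SESSION['token'] = $token;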

# Build the Weibo OAuth2 authorize link shown in the "partner login" list.
# NOTE(review): only the callback URL is passed to getAuthorizeURL(); no state value is supplied
# here. Unless the callback binds the response to this session some other way, the flow is
# exposed to login CSRF — confirm in the callback handler.
$o = new SaeTOAuthV2( WB_AKEY , WB_SKEY );
$code_url = $o->getAuthorizeURL( WB_CALLBACK_URL );

# Build the Taobao login link: set the request parameters, sign them, then append the
# signature to the serialized parameter string.
$t = new openTaoBao( TB_AKEY, TB_SKEY, TB_CALLBACK_URL);
$t->param = array(
'app_key'=>TB_AKEY,
# NOTE(review): the signature method is declared as MD5; whether the provider accepts a
# stronger method is not visible from this file.
'sign_method'=>'md5',
'timestamp'=>date('Y-m-d H:i:s',_CONST_TIMENOW),
);
# createSign() presumably derives the signature from $t->param and TB_SKEY — confirm in taobao.class.php.
$sign = $t->createSign();
# The concatenation below relies on createStrParam() returning a string that ends with a
# parameter separator — confirm.
$param = $t->createStrParam();
$param .= 'sign='.$sign;
# Both $code_url and $tb_login_url are printed into href attributes further down without HTML
# escaping; that is safe only while they contain no quote characters — confirm what the two
# client libraries emit.
$tb_login_url = $t->base_url . $param;
#$tb_login_url = $t->api($url);

# Cache_Lite output cache. The instance is created here but not used in this file.
include_once(_CONST_LOCAL_INCLUDE_PATH.'Cache/Lite.php');
include_once(_CONST_LOCAL_INCLUDE_PATH.'Cache/Lite/Output.php');

$cache = new Cache_Lite_Output();

# Page-level settings. They are plain globals and are not read again in this file; presumably
# the layout includes (_header.php / _footer.php) consume them — confirm.

# Content for the meta keywords tag.
$keywords = "";
# Content for the meta description tag.
$description = "";
# Content for the meta http-equiv tag.
$referrer = "";
# Page title.
$title = "登录 - Votings";
# Page-specific stylesheets.
$css = array();
# Page-specific scripts.
$js = array("jquery.validate.min");
# Additional tags for <head>.
$links = array();
# Controls which main-menu entry is active (the original comment is cut off mid-sentence).
# This reuses $o and so replaces the SaeTOAuthV2 object created earlier; $code_url has already
# been computed from it at this point.
$o = "nologin";

$ads = array();

# Empty heredoc: no extra markup is injected for this page.
$post_code =<<<HTML
HTML;

if (BENCHMARK) $timer->setMarker('proc');

//if ($user['loggedin'] < 1)
//	cache_header(900);

//no_cache_header();

#header
include_once(_CONST_LOCAL_LAYOUT_PATH."_header.php");
?>
<script>
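// Client-side required-field checks for the login form (jQuery Validate).
// These are a usability aid only: anything sent to login.php can bypass them, so the
// server-side checks remain the authoritative validation.
$(function () {
	$("#loginForm").validate({
		// Error messages are rendered in <span> elements.
		errorElement: "span",
		rules: {
			username: {
				required: true
			},
			password: {
				required: true
			}
		},
		// No trailing commas inside the object literals: older IE engines reject them.
		messages: {
			username: {
				required: "请输入用户名！"
			},
			password: {
				required: "请输入密码！"
			}
		}
	});
});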
</script>
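<div id="main">
<form name="loginForm" id="loginForm" action="login.php" method="post">
<?php /* Anti-CSRF token: compared with $_SESSION['token'] when the form is posted back. */ ?>
<input name="token" id="token" type="hidden" value="<?php echo $token;?>">
<input name="act" id="act" type="hidden" value="login">
	<div class="box login-reg-wrap">
		<div class="box-header"><h1>登 录</h1></div>
		<div class="input-wrap clearfix">
			<label for="username">用户名 或 邮箱地址</label>
			<?php /* $username is raw request data printed inside a double-quoted attribute: without escaping, a crafted value closes the attribute and injects markup (reflected XSS). ENT_QUOTES covers both quote styles; 'UTF-8' assumes the page charset — confirm in _header.php. */ ?>
			<input type="text" id="username" name="username" class="login-user-name"  value="<?php echo iif(isset($username), htmlspecialchars((string) $username, ENT_QUOTES, 'UTF-8'), "输入您的用户名 或 邮箱地址") ?>" onfocus = "this.value=''" onblur = "if(this.value==''){this.value='输入您的用户名 或 邮箱地址'}"  />
			<?php echo show_error("username");?>
		</div>
		<div class="input-wrap clearfix">
			<label for="password">密码</label>
			<input type="password" id="password" name="password" class="login-password" value="输入您的密码" onfocus = "this.value=''" onblur = "if(this.value==''){this.value='输入您的密码'}" />
		</div>
		<input type="submit" name="login-btn" class="login-btn" value="" />
		<div class="open-id">
			<h2>使用合作网站帐号登录</h2>
			<ul>
				<li class="weibo"><a href="<?php echo $code_url;?>">微博登录</a></li>
				<li class="taobao"><a href="<?php echo $tb_login_url;?>">淘宝帐号登录</a></li>
			</ul>
		</div>
	</div>
</form>
</div>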
<!--main end-->
<?php
// Page footer layout.
include_once (_CONST_LOCAL_LAYOUT_PATH."_footer.php");

// When benchmarking is enabled, close the 'page' phase and append the per-phase timings to
// the response as HTML comments (visible to anyone who views the page source).
if (BENCHMARK) {
	$timer->setMarker('page');

	echo "<!-- init: ", $timer->timeElapsed('Start', 'init'), " -->\n";
	echo "<!-- auth: ", $timer->timeElapsed('init', 'auth'), " -->\n";
	echo "<!-- proc: ", $timer->timeElapsed('auth', 'proc'), " -->\n";
	echo "<!-- page: ", $timer->timeElapsed('proc', 'page'), " -->\n";
	echo "<!-- total: ", $timer->timeElapsed('Start', 'Stop'), " -->\n";
}
?>
